106 matches found
PT-2021-15264 · Citrix · Citrix Workspace App For Windows
Name of the Vulnerable Software and Affected Versions: Citrix Workspace App for Windows versions prior to 2105; Citrix Workspace App for Windows 1912 LTSR prior to CU4. Description: An improper access control issue potentially allows privilege escalation. Recommendations: For versions prior to 2105...
Arbitrary file reading vulnerability in the cu***.php interface of the background of the Tianqing security isolation and information exchange system
Tianqing Security Isolation and Information Exchange System is the access control switch equipment with network isolation technology independently developed by Qixing Information Technology Co., Ltd, which provides high security isolation protection for key data. There is an arbitrary file readin...
SQL Injection Vulnerability in Cu***.aspx Page of Huigao OA Office System
Chengdu Huigao Software Co., Ltd. is an OA software developer and service provider. There is a SQL injection vulnerability in the Cu.aspx page of the Huigao OA office system, which can be exploited by attackers to obtain sensitive information from the database...
KLA11402 Spoofing vulnerability in Microsoft Office
A spoofing vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability remotely via a specially crafted request to spoof the user interface. Original advisories: CVE-2019-0624. Related products: Microsoft-Lync, Microsoft-Office. CVE list: CVE-2019-0624 warning. KB list: 3061064...
CVE-2018-19918
CuppaCMS has XSS via an SVG document uploaded to the administrator//component/tablemanager/view/cuviews URI...
Description of the security update for SQL Server 2016 CU: January 6, 2018
Summary: Microsoft is aware of detailed information that has been published about a class of vulnerabilities that are referred to as speculative execution side-channel attacks. To learn more about the vulnerabilities, go to...
UBUNTU-CVE-2017-13135
A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cudata.cpp mishandles memory-allocation failure...
CVE-2017-14934
process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure...
Microsoft SQL Server 2016 CU Information Disclosure Vulnerability (KB4019086)
Microsoft SQL Server is prone to an information disclosure vulnerability.
KB4019086 - Description of the security update for SQL Server 2016 RTM CU: August 8, 2017
Summary: This update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to exploit the vulnerability if the attacker's credentials allow access to an...
Deseneaza cu Mowgli - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities
The HackApp vulnerability scanner discovered that the application Deseneaza cu Mowgli, published on the 'play' market, has multiple vulnerabilities...
CVE-2014-7036
The Quest Federal CU Mobile (aka com.metova.cuae.questfcu) application 1.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7036
CVE-2014-7036 affects the Quest Federal CU Mobile Android application (package com.metova.cuae.questfcu), version 1.0.27. The app does not verify X.509 certificates for SSL/TLS connections, enabling man-in-the-middle attackers to spoof servers and obtain sensitive information through a crafted ce...
CVE-2014-6772
The United Educational CU (aka com.metova.cuae.uecu) application 1.0.27 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6772
CVE-2014-6772 concerns the Android app United Educational CU (com.metova.cuae.uecu) version 1.0.27, which does not verify SSL server X.509 certificates. This vulnerability allows a man-in-the-middle attacker to spoof servers and obtain sensitive information via a crafted certificate. The availabl...
Hylafax Hylafax 4.0.2 - Buffer Overflow Vulnerability
Source: http://www.securityfocus.com/bid/765/info. Hylafax is a popular fax server software package designed to run on multiple UNIX operating systems. Some versions of Hylafax ship with a vulnerable subprogram 'faxalter'. This program is installed SUID UUCP and...
HP-UX 9.x/10.x/11.x cu Buffer Overflow Vulnerability
Source: http://www.securityfocus.com/bid/1886/info. cu is a Unix utility that is used for communication between two hosts, usually over phone lines. It is typically installed setuid root so that it can access communications hardware when executed by a regular user...